Sr. Engineering Program Manager, Security Site Reliability Engineering, Apple Services Engineering

Sr. Engineering Program Manager, Security Site Reliability Engineering, Apple Services Engineering

The Apple Services Engineering team is one of the most exciting examples of Apple’s long-held passion for combining art and technology. These are the people who power the App Store, Apple TV, Apple Music, Apple Podcasts, and Apple Books. And they do it on an extensive scale, meeting Apple’s high expectations with dedication to deliver a huge variety of entertainment in over 35 languages to more than 150 countries. Our Program Managers partner with engineers who build secure, end-to-end solutions. Thanks to Apple’s unique integration of hardware, software, and services, engineers and Program Managers partner to get behind a single unified vision. That vision always includes a deep commitment to strengthening Apple’s privacy policy, one of Apple’s core values. Although services are a bigger part of Apple’s business than ever before, these teams remain small, flexible, and cross-functional, offering greater exposure to the array of opportunities here.

As a Security SRE Engineering Program Manager in ASE, you are both a technical and functional expert in the world of securing enterprise servers and services at scale. You'll partner with a diverse set of teams across Apple to provide them with groundbreaking secure infrastructure that operates at a substantial scale and uses open-source technologies such as Kubernetes along with proprietary systems. You will work directly with SRE and Engineering teams to deliver security improvements, creative mitigations, and remediation strategies across Apple to exceed our high expectations. This is not a task-based job; we are accountable for delivering secure and performant systems. Partnering with program and engineering leaders and teams, you will influence and drive every aspect of software and hardware development and deployment including definition, design, integration, build, qualification, and release processes; identify release blockers and run the implementation and deployment of remediations to development, QA, and production environments both on-premise and in public cloud infrastructure globally. You can expect to partner with engineering and other multi-functional teams to identify opportunities to secure our services and machines, to gather input, then deploy and improve those security controls. You will also work closely with other engineering teams to make security-improving changes to their tools, processes, and workflows.

Minimum Qualifications

• 8-10 years of proven experience in technical program management in at least one of the following areas: security review, adversarial and/or collaborative testing, detection and response, incident and/or vulnerability management, education, outreach, or automation of testing, tooling, or remediations.
• Experience leading Cloud native Infrastructure programs.

Preferred Qualifications

• Ability to dive deep into technical areas, as demonstrated by deep technical expertise in one or more security engineering technologies or domains.
• Experience in several of the following areas: Software Security Assurance, Application Security, Threat Modeling, Secure Coding Practices, Vulnerability Assessment, Secure Development Lifecycle (SDLC), Security Requirements Analysis, Secure tunneling protocols (IPSec, TLS, Etc.), Secure Architecture Design, Secure Development Tools and Techniques, Certificate-based authentication, encryption, Secure Development Frameworks (e.g., OWASP SAMM), Secure Software Development Methodologies (e.g., Agile, DevSecOps), enterprise server administration and management at scale.
• Able to think critically and creatively, identify risks, and drive the execution across multiple teams to remediate them.
• Able to focus and simplify, balancing the details with goals, priorities, and trade-offs in mind.
• Outstanding verbal and written communication skills.
• Ability to filter and distill relevant information for the right audience.
• Demonstrated ability to work effectively with and influence multiple collaborators across a highly matrixed, multi-functional organization.
• Past experience in defining multi-functional processes and completing them successfully.
• Experience working in a security engineering or a technical/engineering program management role.
• Ability to handle multiple simultaneous end-to-end infrastructure, technical projects, and partner communities comprising various engineering teams and their partners.
• Experience at end to end-to-end project delivery; building roadmaps through to operational sustainability.
• Strong facilitation skills (requirements sessions, design meetings, progress and status meetings).
• A BS/MS in Computer Science, Engineering or a similar technical field is preferred.

Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.